Add zod parsing for OAuthMetadataSchema and OAuthTokensSchema

allenzhou101 · allenzhou101 · commit 95bbd60a38f4 · 2025-02-05T12:42:09.000-08:00
diff --git a/client/src/lib/auth.ts b/client/src/lib/auth.ts
@@ -26,21 +26,23 @@ export async function discoverOAuthMetadata(
 
     if (response.ok) {
       const metadata = await response.json();
-      return {
+      const validatedMetadata = OAuthMetadataSchema.parse({
         authorization_endpoint: metadata.authorization_endpoint,
         token_endpoint: metadata.token_endpoint,
-      };
+      });
+      return validatedMetadata;
     }
   } catch (error) {
     console.warn("OAuth metadata discovery failed:", error);
   }
 
   // Fall back to default endpoints
   const baseUrl = new URL(serverUrl);
-  return {
+  const defaultMetadata = {
     authorization_endpoint: new URL("/authorize", baseUrl).toString(),
     token_endpoint: new URL("/token", baseUrl).toString(),
   };
+  return OAuthMetadataSchema.parse(defaultMetadata);
 }
 
 export async function startOAuthFlow(serverUrl: string): Promise<string> {
@@ -98,7 +100,8 @@ export async function handleOAuthCallback(
     throw new Error("Token exchange failed");
   }
 
-  return await response.json();
+  const tokens = await response.json();
+  return OAuthTokensSchema.parse(tokens);
 }
 
 export async function refreshAccessToken(
@@ -126,5 +129,6 @@ export async function refreshAccessToken(
     throw new Error("Token refresh failed");
   }
 
-  return await response.json();
+  const tokens = await response.json();
+  return OAuthTokensSchema.parse(tokens);
 }

Original file line number	Diff line number	Diff line change
`@@ -26,21 +26,23 @@ export async function discoverOAuthMetadata(`
`26`	`26`
`27`	`27`	`if (response.ok) {`
`28`	`28`	`const metadata = await response.json();`
`29`		`- return {`
	`29`	`+ const validatedMetadata = OAuthMetadataSchema.parse({`
`30`	`30`	`authorization_endpoint: metadata.authorization_endpoint,`
`31`	`31`	`token_endpoint: metadata.token_endpoint,`
`32`		`- };`
	`32`	`+ });`
	`33`	`+ return validatedMetadata;`
`33`	`34`	`}`
`34`	`35`	`} catch (error) {`
`35`	`36`	`console.warn("OAuth metadata discovery failed:", error);`
`36`	`37`	`}`
`37`	`38`
`38`	`39`	`// Fall back to default endpoints`
`39`	`40`	`const baseUrl = new URL(serverUrl);`
`40`		`- return {`
	`41`	`+ const defaultMetadata = {`
`41`	`42`	`authorization_endpoint: new URL("/authorize", baseUrl).toString(),`
`42`	`43`	`token_endpoint: new URL("/token", baseUrl).toString(),`
`43`	`44`	`};`
	`45`	`+ return OAuthMetadataSchema.parse(defaultMetadata);`
`44`	`46`	`}`
`45`	`47`
`46`	`48`	`export async function startOAuthFlow(serverUrl: string): Promise<string> {`
`@@ -98,7 +100,8 @@ export async function handleOAuthCallback(`
`98`	`100`	`throw new Error("Token exchange failed");`
`99`	`101`	`}`
`100`	`102`
`101`		`- return await response.json();`
	`103`	`+ const tokens = await response.json();`
	`104`	`+ return OAuthTokensSchema.parse(tokens);`
`102`	`105`	`}`
`103`	`106`
`104`	`107`	`export async function refreshAccessToken(`
`@@ -126,5 +129,6 @@ export async function refreshAccessToken(`
`126`	`129`	`throw new Error("Token refresh failed");`
`127`	`130`	`}`
`128`	`131`
`129`		`- return await response.json();`
	`132`	`+ const tokens = await response.json();`
	`133`	`+ return OAuthTokensSchema.parse(tokens);`
`130`	`134`	`}`